Skip to main content

Financial

1 CVEs product

Monthly

CVE-2021-39342 HIGH PATCH This Week

The Credova_Financial WordPress plugin discloses a site's associated Credova API account username and password in plaintext via an AJAX action whenever a site user goes to checkout on a page that has. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

WordPress Information Disclosure Financial
NVD
CVSS 3.1
7.5
EPSS
0.7%
EPSS 1% CVSS 7.5
HIGH PATCH This Week

The Credova_Financial WordPress plugin discloses a site's associated Credova API account username and password in plaintext via an AJAX action whenever a site user goes to checkout on a page that has. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

WordPress Information Disclosure Financial
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy